As of December 31st, 2023 ThreadFix 2.X has reached End of Life and is no longer supported. For any further information please contact the Success and Implementation team.
CentOS Enterprise Setup
You will learn
How to install and configure ThreadFix on CentOS. While these instructions should apply to RHEL as well, the following instructions were developed and tested against CentOS 7.
Prerequisites
Audience: IT Professional and/or End User
Difficulty: Intermediate
Time needed: Approximately 60 minutes
Tools required: OpenJDK 8, latest version of OpenJDK 11 or Oracle Java 8, latest version of Tomcat 8.5, MySQL or Microsoft SQL Server
Install Java
To check the currently-installed version, run the java -version
command.
OpenJDK 11
OpenJDK 8
Oracle Java 8
Install and Configure Tomcat 8.5
ThreadFix recommends the latest version of Tomcat 8.5. Note versions prior to 8.5.78 are not recommended due to security exploit CVE-2022-22965.
Download the latest version of Tomcat 8.5.
For the current version of ThreadFix, yum is not recommended for installing Tomcat. Getting the latest version of Tomcat 8.5 directly with wget is the preferred method. The link to the tarball is provided by the official Apache Tomcat site and it is a mirror site hosting the most recent version.
If the above command doesn't work, the download may have been moved/updated. Browse to Apache Download Mirrors to determine the most recent version available.
2. Create a directory to install Tomcat, then extract the tar ball there.
3. Create a group and user to manage the Tomcat execution.
Web.xml Update
For compatibility with Tomcat 8.5.43 and newer, make the following update:
Open the <tomcat-deploy>/conf/web.xml file in a text editor with elevated privilege and edit the default servlet as follows:
OLD
NEW
Enable Tomcat Service
If you want tomcat to run as a service that you can have start automatically at boot, the preferred method is using systemd. Create a file at /etc/systemd/system/tomcat.service
with the following content. CentOS systemd Tomcat Service:
SSL/TLS Implementation
For information on configuring Tomcat to run over SSL/TLS, refer to the following article.
Install and Configure the Database
To install and configure MySQL, refer to the CentOS MySQL Installation and Configuration page.
To install and configure Microsoft SQL Server, refer to the Windows SQL Server Configuration page.
Install and Configure ThreadFix
Once you've followed the steps above, you're ready to install ThreadFix. Please see the ThreadFix Installation guide to complete your deployment.
www.threadfix.it | www.coalfire.com
Copyright © 2024 Coalfire. All rights reserved.
This Information Security Policy is CoalFire - Public: Distribution of this material is not limited.